Sunday, June 05, 2022 // (IG): BB //Weekly Sponsor: UNDERWORLD BJJ
Anonymous Hacktivists Leak 1TB of Top Russian Law Firm Data
FROM THE MEDIA: Rustam Kurmaev and Partners work with the Russian government and other high-profile banking, media, oil, and industrial companies, including American firms. The Anonymous hacktivists collective has struck Russia again by leaking approximately 1TB of data from a leading Russian law firm identified as Rustam Kurmaev and Partners (RKP Law).
The news arrives just a day after the collective leaked hundreds of gigabytes of data from the servers of Russia’s largest media holdings with over 100 regional radio stations, Vyberi Radio. It is worth noting that Anonymous waged a cyberwar against Russia in late February 2022 dubbed #OpRussia after the country invaded Ukrainian territories, referring to it as a “special military operation” to denazify and demilitarize Ukraine.
READ THE STORY: Hackread
Cape Cod Regional Transit Authority hit by ransomware attack
FROM THE MEDIA: FBI and state police are investigating a Memorial Day weekend ransomware attack on the Cape Cod Regional Transit Authority (CCRTA) servers. Tom Cahir, CCRTA administrator, said that on Monday, staff received an email alerting them that files on their servers had been encrypted, which rendered them unreadable. Generally, ransomware attackers ask for money to unencrypt the files.
Ransomware attackers use email as a way to engage their targets in a dialogue, but Cahir said CCRTA staff did not engage with whoever is behind the attack and thus do not know their demands for unencrypting the data. He contacted state and federal law enforcement officials, who are investigating the root of the attack.
READ THE STORY: Cape Cod Times
UK to Review Chinese Chip Factory Deal
FROM THE MEDIA: The UK government has called to review the acquisition of the country’s largest semiconductor plant, Newport Wafer Fab, by Nexperia, which is a Dutch subsidiary of Chinese company Wingtech, as a result of a shift in approach to foreign takeovers. The business secretary of the UK, Kwasi Kwarteng, said that the country would review all its foreign investments and takeovers under the new National Security and Investment (NSI) Act.
He mentioned: “We welcome overseas investment, but it must not threaten Britain’s national security.” Moreover, the NSI Act of January 2022 allows greater scrutiny and inquiry of foreign investment in sensitive industries. Likewise, UK Prime Minister Boris Johnson has also asked the national security advisory board to re-evaluate the deal based on national security grounds.
READ THE STORY: Global Village Space
The underground network of Belarusians sabotaging Vladimir Putin's war in Ukraine and plotting a revolution at home
FROM THE MEDIA: While Belarusian President Alexander Lukashenko has been standing by Vladimir Putin, thousands of his people have been planning acts of sabotage and their own revolution. A vast network of former Belarusian officials, activists, private hackers and ordinary citizens has reached deep into Russia's war with the aim of helping Ukrainians defeat their invaders. The Belarusians' fight is a personal one.
They believe if Russia fails in Ukraine, the people of Belarus will be closer to freedom at home. This network had been slowly gaining momentum and members while formulating "a secret plan" for a coordinated uprising against Lukashenko's regime when Putin's forces arrived in Belarus in January.
READ THE STORY: ABC AU
Microsoft Blocks the POLONIUM Hackers From Abusing OneDrive To Exfiltrate the Data
FROM THE MEDIA: Recently Microsoft has detected and blocked attacks on OneDrive from a group of hackers called POLONIUM who are operating from Lebanon. While attacking and compromising Israeli organizations, they sought to exfiltrate data from the OneDrive and act as a command and control center.
More than 20 malicious OneDrive applications associated with POLONIUM’s attacks have also been suspended by Microsoft. Furthermore, through security intelligence updates, the targeted organizations were notified and the threat actors’ tools were quarantined.
READ THE STORY: Cyber Security News
New Unisoc chipset vulnerability could allow remote denial of network services
FROM THE MEDIA: Check Point Research, a cyber security research firm, has recently published its findings on a new vulnerability discovered in the baseband processor of Unisoc chipsets. Simply put, the vulnerability affects the network modem that is part of the chipset and responsible for network connectivity. It could theoretically allow an attacker to send a corrupted network packet and disable or interrupt the device's network connectivity. As far as we know, that's the extent to which the vulnerability can be used so far.
We also can't be sure just how many Unisoc chipsets are susceptible to this sort of attack. Check Point Research discovered the vulnerability by reverse engineering the LTE protocol stack implementation on a Unisoc T700 chip inside a Motorola Moto G20 phone (XT2128-2) with a January 2022 security patch installed.
READ THE STORY: GSM ARENA
Why NATO needs to admit not only Finland but also Google
FROM THE MEDIA: A popular joke circulating online among Russian dissidents goes something like this: A Moscovite wife asks her husband if he understands what the war in Ukraine is about. Yes, thunders the husband, repeating the regime’s talking points—it’s a Russian campaign against NATO’s aggression! The wife continues, asking how the war is going, and here the husband grows somber, saying that the brave Russian military has sustained heavy losses, including more than 18,000 dead. And how many casualties, the wife inquires, did NATO suffer? The husband shrugs his shoulders. “I don’t know,” he says. “NATO hasn’t showed up yet.”
Like all good punch lines, this one, too, is multilayered. Neatly folded into the blunt criticism of Putin’s bloodbath is a larger realization about the way we wage war these days, and about how the old structures erected to keep the world at peace are no longer working.
READ THE STORY: FastCompany
Virtual Terror, Real Threats
FROM THE MEDIA: Rapid technological advancements are good for humanity, but they have also given rise to cyber terrorism, which is one of the most concerning worldwide issues. Due to the lack of uniform international treaties and international commitment and coordination, cyber terrorism has become a major concern. Cyber-attacks on sovereign states and their essential information infrastructures are becoming more common, necessitating a worldwide response. Regional and bilateral agreements, as well as local legislation, are insufficient to deter cyber-attacks. As a result, international law is an essential weapon for the international community to combat cyber threats in its many jurisdictions.
Existing solutions provided by current international treaties must be investigated first to examine potential responses to transnational cyber threats and develop a shared understanding of how to combat cyber-attacks. One of the most serious problems in combating cyber terrorism is a lack of international cooperation. These days, cyber terrorist attacks are frequently carried out across numerous states. However, prosecuting them is much more difficult. As a result, the targeted country will frequently use international courts of law to seek justice for the harm cyber-crime has caused.
READ THE STORY: Tribune
Ukraine: U.S. Spy Agencies Review Their Misses
FROM THE MEDIA: The question was posed in a private briefing to U.S. intelligence officials weeks before Russia launched its invasion in late February: Was Ukraine’s leader, Volodymyr Zelenskyy, made in the mold of Britain’s Winston Churchill or Afghanistan’s Ashraf Ghani? In other words, would Zelenskyy lead a historic resistance or flee while his government collapsed? Ultimately, U.S. intelligence agencies underestimated Zelenskyy and Ukraine while overestimating Russia and its president, even as they accurately predicted Vladimir Putin would order an invasion.
But Kyiv, Ukraine’s capital, did not fall in a few days, as the United States had expected. And while American spy agencies have been credited with supporting Ukraine’s resistance, they now face bipartisan pressure to review what they got wrong beforehand — especially after their mistakes in judging Afghanistan last year.
Intelligence officials have begun a review of how their agencies judge the will and ability of foreign governments to fight. The review is taking place while U.S. intelligence continues to have a critical role in Ukraine and as the White House ramps up weapons deliveries and support to Ukraine, trying to predict what Putin might see as escalatory and seeking to avoid a direct war with Russia.
READ THE STORY: Verve Times
Chinese Researchers Reportedly View Elon Musk’s Starlink as a Military Threat
FROM THE MEDIA: Chinese military researchers reportedly view the SpaceX-operated Starlink satellite internet system as a national security threat while suggesting Beijing needs to have the ability to destroy it. An expert suggests that the PLA has no capability to defeat Starlink.
A Beijing-affiliated military TV program, “Crazy Warfare Show,” recently published an article analyzing the progress of U.S. space exploration technologies with a focus on SpaceX’s Starlink satellite constellation. The report pointed out the military value of Starlink and its critical role in the Russia-Ukraine war while analyzing whether China’s anti-satellite weapons can defeat it.
READ THE STORY: The Epoch Times
UAE: Sweeping Legal ’Reforms’ Deepen Repression
FROM THE MEDIA: Wide-ranging legal changes introduced by the United Arab Emirates (UAE) in late 2021 fail to address the longstanding and systematic restrictions on citizens’ and residents’ civil and political rights, Human Rights Watch said today. The new laws maintain previous provisions and include new ones that pose grave threats to fundamental human rights.
As reported by the state news agency WAM in November, the legal changes include amendments to over 40 laws including on crime and punishment, cybercrimes, and drugs, aiming “to strengthen economic, investment and commercial opportunities, in addition to maximizing social stability, security and ensuring the rights of both individuals and institutions.” While the changes allow for a moderate broadening of personal freedoms, the new legal framework retains severe restrictions on the rights to free expression, association, and assembly.
READ THE STORY: HRW
Blake Dowling: Hackers for good? Robin Hood and ‘goodwill ransomware’
FROM THE MEDIA: Electronic warfare technology targets communications, navigation and guidance systems to locate, blind and deceive the enemy and direct lethal blows. It is used against artillery, fighter jets, cruise missiles, drones and more. Militaries also use it to protect their forces. Commanders largely shun discussing it, fearing they'll jeopardize operations by revealing secrets.
It's an area where Russia was thought to have a clear advantage going into the war. Yet, for reasons not entirely clear, its much-touted electronic warfare prowess was barely seen in the war's early stages when Russia failed to seize the Ukrainian capital of Kyiv. It has become far more of a factor in fierce fighting in eastern Ukraine, where shorter, easier-to-defend supply lines let Russia move electronic warfare gear closer to the battlefield.
READ THE STORY: NWA Online
Starlink is coming to Africa, but who will use it? May 2022
FROM THE MEDIA: Who has the right to name an African movement? Nigerians don’t think it should be a white person living in Europe. Last week, Twitter users turned their attention to Trish Lorenz, a Berlin-based journalist whose book Soro Soke: The Young Disruptors of an African Megacity, co-opts a Yoruba phrase that rallied Nigerians protesting police brutality in Oct. 2020, and uses that movement to profile the change making scene in tech and other aspects of Nigerian society.
It could have been another foreigner’s view of Africa. But not only did Lorenz repeat a cardinal white savior sin of claiming to tell a “little-told” story of “the dreams, and aspirations” of Africans, she made a major judgment error claiming to have coined “the Soro Soke generation.”
READ THE STORY: QZ
Analyzing after-effects of Anchor protocol freezing Earn & Borrow post $800k exploit
FROM THE MEDIA: Anchor, along with Terra, LUNA, and UST, fell victim to the blockchain crash and being the most significant protocol on the chain, it fell the hardest. Not only did investors pull their deposits out of the assets, they even sold off their ANC tokens which resulted in a 99.22% decline in the asset at its worst.
But Anchor has managed to recover, miraculously, except that the token’s recovery did not go as planned. After rising by 3,136% from the lows of $0.01, the coin hit the highs of $0.5, but soon after, it fell again by 64.15%, and the token is now trading at $0.19. This is due to the failed launch of Terra LUNA 2.0, the anticipation of which was the factor that drove the price up.
READ THE STORY: AMB Crypto
An actively exploited Microsoft 0-day flaw still doesn’t have a patch
FROM THE MEDIA: Researchers warned last weekend that a flaw in Microsoft's Support Diagnostic Tool could be exploited using malicious Word documents to remotely take control of target devices. Microsoft released guidance on Monday, including temporary defense measures. By Tuesday, the United States Cybersecurity and Infrastructure Security Agency had warned that “a remote, unauthenticated attacker could exploit this vulnerability,” known as Follina, “to take control of an affected system.” But Microsoft would not say when or whether a patch is coming for the vulnerability, even though the company acknowledged that the flaw was being actively exploited by attackers in the wild. And the company still had no comment about the possibility of a patch when asked by WIRED.
The Follina vulnerability in a Windows support tool can be easily exploited by a specially crafted Word document. The lure is outfitted with a remote template that can retrieve a malicious HTML file and ultimately allow an attacker to execute PowerShell commands within Windows. Researchers note that they would describe the bug as a “zero-day,” or previously unknown vulnerability, but Microsoft has not classified it as such.
READ THE STORY: ARSTECHNICA
Items of interest
Activists say cyber agency weakens voting tech advisory
FROM THE MEDIA: The nation’s leading cybersecurity agency released a final version Friday of an advisory it previously sent state officials on voting machine vulnerabilities in Georgia and other states that voting integrity activists say weakens a security recommendation on using barcodes to tally votes.
The advisory put out by the U.S. Cybersecurity and Infrastructure Security Agency, or CISA, has to do with vulnerabilities identified in Dominion Voting Systems’ ImageCast X touchscreen voting machines, which produce a paper ballot or record votes electronically. The agency said that although the vulnerabilities should be quickly mitigated, the agency “has no evidence that these vulnerabilities have been exploited in any elections.”
Dominion’s systems have been unjustifiably attacked since the 2020 election by people who embraced the false belief that the election was stolen from former President Donald Trump. The company has filed defamation lawsuits in response to incorrect and outrageous claims made by high-profile Trump allies.
The advisory CISA released Friday is based on a report generated by University of Michigan computer scientist J. Alex Halderman, an expert witness in a long-running lawsuit that is unrelated to false allegations stemming from the 2020 election.
The machines are used by at least some voters in 16 states, according to a voting equipment tracker maintained by watchdog Verified Voting. In most of those places, they are used only for people who can’t physically fill out a paper ballot by hand. But in some places, including Georgia, almost all in-person voting is done on the affected machines.
READ THE STORY: KXAN
Cyber Security Threat Intelligence Research - Hunting (Video)
FROM THE MEDIA: Cyber Security Threat Intelligence Research - Hunting
Threat Hunting Tutorial: Introduction (Video)
FROM THE MEDIA: Threat Hunting: Overview and Tutorial. Whether you are a student, aspiring threat hunter, cybersecurity professional or business, this video will cover the basics you need to know.
About this Product
These open source products are reviewed by analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at dominanceinformation@gmail.com